Linked List: November 30, 2011

Wednesday, 30 November 2011

The only sure way to keep something private on Facebook is not to
post it to Facebook.

Mark Zuckerberg would never acknowledge this, but I think it will
ultimately benefit both his site and its users if we adjusted our
expectations about “privacy” there. You should approach
Facebook as cautiously as you would approach your open bedroom
window. However restrictive your privacy controls, you should
imagine that everything that you post on Facebook will be
available for public consumption forever. If you follow this
simple rule, you’ll never be blindsided.

The article’s sub-head is a bit unfair, though:

You’re as much to blame for the site’s privacy woes as Mark Zuckerberg.

People are confused about Facebook privacy settings because Facebook wants them to be confused. It’s deliberate. That’s all on Facebook.

It got me thinking about some of the other sites I visit, so I did
some tests loading the homepage of each site and here’s what I
found. There are three stats for each site — the number of http
requests, the size of the page and how long it took the page to
download.

Send me a “Get Off My Lawn, You Goddamn Kids” t-shirt if you want, but I say web pages should still be measured in kilobytes, not megabytes. Especially when the megabytes are almost all forads.

Yahoo’s current strategy seems to be offering a minority stake
of just under 20 percent of the company using PIPE transactions —
Private Investment in a Public Equity. If Yahoo keeps the
proportion of the deal under 20 percent of the company, Yahoo’s
board of directors can approve the deal without putting it to a
shareholder vote. PIPE transactions are generally considered the
province of less-than-reputable companies: they’re essentially a
strategy that allows major changes in company ownership without
shareholder approval. If Yahoo conducts such a transaction, it’s
almost certain to further alienate its investors — unless it can
generate tremendous amounts of cash from the sale.

U.S. Sen. Robert Casey (D., Pa.) has urged the chief executive
officer of US Airways Group Inc. to rescind the airline’s fare
hike planned for flights between Philadelphia and Pittsburgh
in early January, when only US Airways will fly between the
two cities.

The Pittsburgh Post-Gazette reported Tuesday that when Southwest
Airlines Co. drops its flights between Philadelphia and Pittsburgh
on Jan. 8, the price for a US Airways round-trip ticket will jump
from $118 plus tax, to $698 plus tax.

Once logged, Carrier IQ then sends all of this data to its own
servers. That’s incredible. One privately held company that
almost no one has ever heard of has the complete logs of every
email, phone call, web search and text message ever sent or
received by millions of Android, Blackberry and Nokia users.

I don’t think that’s an accurate description of what we know at this point. This stuff gets logged on the device. And Carrier IQ claims that their portal software gives “customers” (a.k.a. phone carriers) the ability to look at this stuff. But I don’t think anyone has shown what gets phoned home.

Even worse? There’s no way to opt out of the Carrier IQ
“service.” On Android phones, your only choice is to root your
phone and replace the operating system with one without the
software pre-installed.

This is absolutely insane. Apple was practically crucified over
LocationGate, which was just a cache of GPS locations stored on
user’s home machines. Meanwhile, almost every Android phone out
there is reading people’s emails and logging their passwords,
while no one bats an eye.

Apple’s location brouhaha wasn’t even about GPS data — it was only a cache of cell tower locations. The problem isn’t that the news media aren’t sensationalizing this Carrier IQ story. The problem is that they would if it involved Apple.

From training documents found we get an insight to the Carrier IQ
Portal. Devices are displayed to the portal operator by
individual phone Equipment ID and Subscriber IDs. The “portal
administrator” can put devices into categories and see devices
in California that have dropped calls at 5pm.

The down side to all of this is the “portal administrator” is
also able to “task” a single phone with a profile containing
any combinations of metric and trigger. From leaked training
documents we can see that portal operators can view and task
metrics by equipment ID, subscriber ID, and more. So instead of
seeing dropped calls in California, they now know “Joe
Anyone’s” location at any given time, what he is running on
his device, keys being pressed, applications being used.

From what I can see, Eckhart’s picture of exactly how Carrier IQ works is incomplete. But I’m pretty sure he’s onto something here. The best-case scenario he paints is still rather alarming. The worst-case scenario is that people working at your phone carrier, using Carrier IQ’s portal software, can watch what you’re doing on your phone as you do it.

Though the software is installed on most modern Android,
BlackBerry and Nokia phones, Carrier IQ was virtually unknown
until 25-year-old Trevor Eckhart of Connecticut analyzed its
workings, revealing that the software secretly chronicles a
user’s phone experience — ostensibly so carriers and phone
manufacturers can do quality control.

But now he’s released a video actually showing the logging
of text messages, encrypted web searches and, well, you name
it. […]

I’ve been reading about Carrier IQ all afternoon, and what they’re logging is simply breathtaking. It’s not clear to me, though, just what is being sent from the devices to Carrier IQ’s servers. What’s being logged on the device is one thing. What’s being sent over the air to Carrier IQ’s servers is another.

All of which raises the obvious question: why is Apple trading
at such a seemingly depressed level? I have a few ideas, none of
which are particularly compelling.

By the way, a few readers haveasked whether I personally own Apple stock. Good question. I do not. I don’t own stock in any companies that I cover regularly here on DF. I do own shares of an S&P 500 mutual fund.

In late 2007, Apple traded at $200 a share after reporting $3.93
in EPS on $24.5 billion in revenue. Turn the pages to 2011 and
it’s an entirely different company. In just four years,
Apple’s earnings have grown 600% to $27.68, and its revenue
skyrocketed 341% to $108.2 billion. That’s the most explosive
4-year growth rate of any large-cap company on the entire S&P 500.

Yet, one wouldn’t know this given the stock’s very
sluggish performance, extremely depressed valuation and the
media’s permanently negative sentiment on the stock over the
past few years.

The flip side is I have to keep questioning myself and what I
believe in. Cellphones should not prompt an existential crisis.
It’s just a phone. But I keep having to ask myself whether I
want Apple to win, or I want better to win. As a designer I
hope I always go for better. Metro is undeniably gorgeous but I
still can’t form an objective opinion about whether the phone as
a whole is good enough to replace my iPhone.

The facts say it’s good enough. My heart says no.

I’ve been testing an HTC Titan for a few weeks, and that’s pretty much how I feel about Windows Phone 7 too.